Vaultwarden, Cloudflare Tunnel and local reverse proxy

I setup vw on a Docker host running on my homelab server. I followed a guide for using Caddy 2 as a reverse proxy. It’s been great and I learnt a lot.

I use a Cloudflare tunnel to get access to my vw instance.

My first question is, did I really need to use Caddy 2 as a reverse proxy when I am using a Cloudflare tunnel?
I’ve since stopped Caddy 2 from running, because of a port 80 conflict with some new services that I am running, including NGINX Proxy Manager.

Vaultwarden is still running happily without Caddy 2 running. I am guessing that Caddy 2 was only needed to create my initial user account? Perhaps the SSL cert created will expire at some point though?

My next question is, do I need to run a local reverse proxy? If so, what’s needed to switch vw over to NGINX Proxy Manager? FYI, I know how to configure a reverse proxy in NGINX, just not sure of the consequences of changing reverse proxies. I’m trying to tread carefully, so I don’t lose access to vw by making a mistake. Yes, I’ve made a backup of my vault :slight_smile:

Apologies if these questions seem odd, I am still learning.